<?php
    require('common.php');
    
    $db = new Database();
    $user = getUser($db);
    
    // Error check
    if($user['group'] < 2) {
        redirect('index.php');
        exit();
    }
    checkCsrfGuard();
    
    // get $names
    $result = $db->query('SELECT name FROM '.config('DB_PREFIX').'misc');
    $names = array();
    while($row = mysqli_fetch_assoc($result))
        $names[] = $row['name'];
    
    // Update db
    foreach($names as $name) {
        if(!isset($_POST[$name]))
            throw new Exception('Bad request.');
        $db->query('UPDATE '.config('DB_PREFIX').'misc SET '.
        'value='.$db->escape($_POST[$name]).' '.
        'WHERE name='.$db->escape($name));

    }
        
    // Success
    redirect('settings.php');
?>